On Sun, 9 Feb 2003, Thomas Porter, Ph.D. wrote:

> My point is: Some vendors are beginning to realize how target-rich this
> environment is, and they are taking the appropriate steps in order to
> address the cognate security issues.

Then perhaps you can explain why an Avaya Intuity VM system purchased less than 6 months ago is running exactly as described below...

> A recent pen test revealed several pieces of Avaya/Lucent/AT&T equipment
> running everything....echo, chargen, telnet, ftp, sendmail, portmapper,
> etc etc etc all buggy and unconfigured. If I crack the box (which
> appears to be a cakewalk) I have complete control over an unmonitored
> Unix platform. Great for hiding out, launching other attacks, storing
> files etc. Further I can control the telephony system via that IP
> connection by directly changing configuration files.

...and Avaya pretty much told the customer to pack sand when they asked for the root password to secure the box themselves. In this case, it may very well cost the reseller a customer, because when the customer threatened to leverage their physical access to break root for themselves, Avaya balked and told the reseller they were on their own. Any such changes would void the service contract. The box was a default install all the way, with the sole exception (apparently) of the pop3 daemon. Can't recall the specifics, but if I remember correctly, it was an older version of SCO Unixware.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/

This archive was generated by hypermail 2b30 : Mon Feb 10 2003 - 16:18:09 PST